Research Repository

Privacy-preserving Surveillance Methods using Homomorphic Encryption (2020)
Presentation / Conference Contribution
Bowditch, W., Abramson, W., Buchanan, W. J., Pitropakis, N., & Hall, A. J. (2020, February). Privacy-preserving Surveillance Methods using Homomorphic Encryption. Presented at 6th International Conference on Information Security Systems and Privacy (ICISSP), Valletta, Malta

Data analysis and machine learning methods often involve the processing of cleartext data, and where this could breach the rights to privacy. Increasingly, we must use encryption to protect all states of the data: in-transit, at-rest, and in-memory.... Read More about Privacy-preserving Surveillance Methods using Homomorphic Encryption.

Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach (2020)
Presentation / Conference Contribution
Christou, O., Pitropakis, N., Papadopoulos, P., Mckeown, S., & Buchanan, W. J. (2020, February). Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach. Presented at ICISSP 2020, Valletta, Malta

Phishing is considered to be one of the most prevalent cyber-attacks because of its immense flexibility and alarmingly high success rate. Even with adequate training and high situational awareness, it can still be hard for users to continually be awa... Read More about Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach.

Trust-aware and Cooperative Routing Protocol for IoT Security (2020)
Journal Article
Djedjig, N., Tandjaoui, D., Medjek, F., & Romdhani, I. (2020). Trust-aware and Cooperative Routing Protocol for IoT Security. Journal of Information Security and Applications, 52, Article 102467. https://doi.org/10.1016/j.jisa.2020.102467

The resource-constrained nature of IoT objects makes the Routing Protocol for Low-power and Lossy Networks (RPL) vulnerable to several attacks. Although RPL specification provides encryption protection to control messages, RPL is still vulnerable to... Read More about Trust-aware and Cooperative Routing Protocol for IoT Security.

An authentication protocol based on chaos and zero knowledge proof (2020)
Journal Article
Major, W., Buchanan, W. J., & Ahmad, J. (2020). An authentication protocol based on chaos and zero knowledge proof. Nonlinear Dynamics, 99, 3065-3087. https://doi.org/10.1007/s11071-020-05463-3

Port Knocking is a method for authenticating clients through a closed stance firewall, and authorising their requested actions, enabling servers to offer services to authenticated clients, without opening ports on the firewall. Advances in port knocki... Read More about An authentication protocol based on chaos and zero knowledge proof.

MRC4: A Modified RC4 Algorithm using Symmetric Random Function Generator for Improved Cryptographic Features (2019)
Journal Article
Saha, R., Geetha, G., Kumar, G., Kim, T.-H., & Buchanan, W. J. (2019). MRC4: A Modified RC4 Algorithm using Symmetric Random Function Generator for Improved Cryptographic Features. IEEE Access, 7, 172045-172054. https://doi.org/10.1109/access.2019.2956160

The Rivest Cipher 4 (RC4) has been one of the most popular stream ciphers for providing symmetric key encryption, and is now proposed as an efficient cipher within light-weight cryptography. As an algorithm it has been considered to be one of the fas... Read More about MRC4: A Modified RC4 Algorithm using Symmetric Random Function Generator for Improved Cryptographic Features.

WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels (2019)
Presentation / Conference Contribution
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2019, July). WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels. Presented at 15th IEEE International Conference on Control & Automation (ICCA), Edinburgh, Scotland

Industrial Control Systems (ICS) have faced a growing number of threats over the past few years. Reliance on isolated controls networks or air-gapped computers is no longer a feasible solution when it comes to protecting ICS. It is because the new ar... Read More about WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels.

RESCUE: Evaluation of a Fragmented Secret Share System in Distributed-Cloud Architecture (2019)
Thesis
Ukwandu, E. A. RESCUE: Evaluation of a Fragmented Secret Share System in Distributed-Cloud Architecture. (Thesis). Edinburgh Napier University. http://researchrepository.napier.ac.uk/Output/2455031

Scaling big data infrastructure using multi-cloud environment has led to the demand for highly secure, resilient and reliable data sharing method. Several variants of secret sharing scheme have been proposed but there remains a gap in knowledge on th... Read More about RESCUE: Evaluation of a Fragmented Secret Share System in Distributed-Cloud Architecture.

Embedded document security using sticky policies and identity based encryption (2019)
Thesis
Spyra, G. K. Embedded document security using sticky policies and identity based encryption. (Thesis). Edinburgh Napier University. http://researchrepository.napier.ac.uk/Output/2090564

Data sharing domains have expanded over several, both trusted and insecure environments. At the same time, the data security boundaries have shrunk from internal network perimeters down to a single identity and a piece of information. Since new EU GD... Read More about Embedded document security using sticky policies and identity based encryption.

A Comprehensive Survey of Security Threats and their Mitigation Techniques for next-generation SDN Controllers (2019)
Journal Article
Han, T., Jan, S., Tan, T., Usman, M., Jan, M., Khan, R., & Xu, Y. (2020). A Comprehensive Survey of Security Threats and their Mitigation Techniques for next-generation SDN Controllers. Concurrency and Computation: Practice and Experience, 32(16), Article e5300. https://doi.org/10.1002/cpe.5300

Software Defined Network (SDN) and Network Virtualization (NV) are emerged paradigms that simplified the control and management of the next generation networks, most importantly, Internet of Things (IoT), Cloud Computing, and Cyber-Physical Systems. Th... Read More about A Comprehensive Survey of Security Threats and their Mitigation Techniques for next-generation SDN Controllers.

Identifying Vulnerabilities Using Internet-wide Scanning Data (2019)
Presentation / Conference Contribution
O'Hare, J., Macfarlane, R., & Lo, O. (2019, January). Identifying Vulnerabilities Using Internet-wide Scanning Data. Presented at 12th International Conference on Global Security, Safety and Sustainability - ICGS3-19, London, United Kingdom

Internet-wide scanning projects such as Shodan and Censys, scan the Internet and collect active reconnaissance results for online devices. Access to this information is provided through associated websites. The Internet-wide scanning data can be used... Read More about Identifying Vulnerabilities Using Internet-wide Scanning Data.

A Forensic Audit of the Tor Browser Bundle (2019)
Journal Article
Muir, M., Leimich, P., & Buchanan, W. J. (2019). A Forensic Audit of the Tor Browser Bundle. Digital Investigation, 29, 118-128. https://doi.org/10.1016/j.diin.2019.03.009

The increasing use of encrypted data within file storage and in network communications leaves investigators with many challenges. One of the most challenging is the Tor protocol, as its main focus is to protect the privacy of the user, in both its lo... Read More about A Forensic Audit of the Tor Browser Bundle.

Decrypting Live SSH Traffic in Virtual Environments (2019)
Journal Article
Mclaren, P., Russell, G., Buchanan, W. J., & Tan, Z. (2019). Decrypting Live SSH Traffic in Virtual Environments. Digital Investigation, 29, 109-117. https://doi.org/10.1016/j.diin.2019.03.010

Decrypting and inspecting encrypted malicious communications may assist crime detection and prevention. Access to client or server memory enables the discovery of artefacts required for decrypting secure communications. This paper develops the MemDe-... Read More about Decrypting Live SSH Traffic in Virtual Environments.

Top 10 Blockchain Predictions for the (Near) Future of Healthcare (2019)
Journal Article
Halamka, J. D., Alterovitz, G., Buchanan, W. J., Cenaj, T., Clauson, K. A., Dhillon, V., Hudson, F. D., Mokhtari, M. (., Porto, D. A., Rutschman, A., & Ngo, A. L. (2019). Top 10 Blockchain Predictions for the (Near) Future of Healthcare. Blockchain in Healthcare Today, 2, https://doi.org/10.30953/bhty.v2.106

To review blockchain lessons learned in 2018 and near-future predictions for blockchain in healthcare, Blockchain in Healthcare Today (BHTY) asked the world's blockchain in healthcare experts to share their insights. Here, our internationally-renowne... Read More about Top 10 Blockchain Predictions for the (Near) Future of Healthcare.

Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier (2019)
Presentation / Conference Contribution
Hall, A. J., Pitropakis, N., Buchanan, W. J., & Moradpoor, N. (2018, December). Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier. Presented at International Workshop on Big Data Analytics for Cyber Threat Hunting, Seattle, WA, USA

Insider threats continue to present a major challenge for the information security community. Despite constant research taking place in this area; a substantial gap still exists between the requirements of this community and the solutions that are cu... Read More about Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier.

System and method for management of confidential data (2018)
Patent
Buchanan, B., Lo, O., Macfarlane, R., Penrose, P., & Ramsay, B. (2018). System and method for management of confidential data. GB2561176A

This application is for a method of data management to identify confidential digital content on a database by first receiving a management request 302 from a system 304 to carry out data management operations. These include the identification of data... Read More about System and method for management of confidential data.

Design of Multi-View Based Email Classification for IoT Systems via Semi-Supervised Learning (2018)
Journal Article
Li, W., Meng, W., Tan, Z., & Xiang, Y. (2019). Design of Multi-View Based Email Classification for IoT Systems via Semi-Supervised Learning. Journal of Network and Computer Applications, 128, 56-63. https://doi.org/10.1016/j.jnca.2018.12.002

Suspicious emails are one big threat for Internet of Things (IoT) security, which aim to induce users to click and then redirect them to a phishing webpage. To protect IoT systems, email classification is an essential mechanism to classify spam and l... Read More about Design of Multi-View Based Email Classification for IoT Systems via Semi-Supervised Learning.

Sub-file Hashing Strategies for Fast Contraband Detection (2018)
Presentation / Conference Contribution
McKeown, S., Russell, G., & Leimich, P. (2018, June). Sub-file Hashing Strategies for Fast Contraband Detection. Presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2018), Glasgow, Scotland

Traditional digital forensics processes do not scale well with the huge quantities of data present in a modern investigation, resulting in large investigative backlogs for many law enforcement agencies. Data reduction techniques are required for fast... Read More about Sub-file Hashing Strategies for Fast Contraband Detection.

Reducing the Impact of Network Bottlenecks on Remote Contraband Detection (2018)
Presentation / Conference Contribution
McKeown, S., Russell, G., & Leimich, P. (2018, June). Reducing the Impact of Network Bottlenecks on Remote Contraband Detection. Presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2018), Glasgow, UK

Cloud based storage is increasing in popularity, with large volumes of data being stored remotely. Digital forensics investigators examining such systems remotely are limited by bandwidth constraints when accessing this kind of data using traditi... Read More about Reducing the Impact of Network Bottlenecks on Remote Contraband Detection.

SMK-means: An Improved Mini Batch K-means Algorithm Based on Mapreduce with Big Data (2018)
Journal Article
Xiao, B., Wang, Z., Liu, Q., & Liu, X. (2018). SMK-means: An Improved Mini Batch K-means Algorithm Based on Mapreduce with Big Data. Computers, Materials & Continua, 56(3), 365-379. https://doi.org/10.3970/cmc.2018.01830

In recent years, the rapid development of big data technology has also been favored by more and more scholars. Massive data storage and calculation problems have also been solved. At the same time, outlier detection problems in mass data have also co... Read More about SMK-means: An Improved Mini Batch K-means Algorithm Based on Mapreduce with Big Data.

Copy-move forgery detection using combined features and transitive matching (2018)
Journal Article
Lin, C., Lu, W., Huang, X., Liu, K., Sun, W., Lin, H., & Tan, Z. (2019). Copy-move forgery detection using combined features and transitive matching. Multimedia Tools and Applications, 78(21), 30081-30096. https://doi.org/10.1007/s11042-018-6922-4

Recently, the research of Internet of Things (IoT) and Multimedia Big Data (MBD) has been growing tremendously. Both IoT and MBD have a lot of multimedia data, which can be tampered easily. Therefore, the research of multimedia forensics is necessary... Read More about Copy-move forgery detection using combined features and transitive matching.